Project

General

Profile

Actions

Optimization #6502

open

schema: avoid - and . in keys

Added by Philippe Antoine about 1 year ago. Updated about 1 year ago.

Status:
New
Priority:
Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

From @Jason Ish

- don't break Elastic, just makes queries harder. '.' will break Elastic and some tools.

git grep '-' etc/schema.json . yields
- bittorrent-dht
- ftp-data
- icmp-prohib
- tcp-reset
- reject-target

These should use underscore


Related issues 1 (1 open0 closed)

Related to Suricata - Documentation #6478: schema: add missing fieldsNewCommunity TicketActions
Actions #1

Updated by Philippe Antoine about 1 year ago

Actions #2

Updated by Philippe Antoine about 1 year ago

alert.signature-id would be taken as a math expression.

Actions #3

Updated by Philippe Antoine about 1 year ago

Need some CI check after fixing the few fields

Actions

Also available in: Atom PDF